Comment by nathanyz
6 hours ago
The VM itself is for Claude Cowork which does all work within the VM sandbox. That doesn't help answer why they spin it up immediately and don't have a way to disable it though. Just the "why it exists" question.
6 hours ago
The VM itself is for Claude Cowork which does all work within the VM sandbox. That doesn't help answer why they spin it up immediately and don't have a way to disable it though. Just the "why it exists" question.
If you're not going to give Claude access to anything on your machine, why are you using Desktop instead of web chat? (Real question, I don't use these much!)
If you are, obviously you need the VM.
At least in a corporate environment, Claude Desktop is a pretty decent compromise. Preconfigured internally deployed MCP servers and third-party connectors make many of the necessary integrations relatively easy to control.
I use Claude Code CLI myself (inside a VM, to isolate it from the host) for >90% of my needs. For the remaining fraction - email scours, cloud drive searches, other third-party connections - the desktop application is surprisingly decent. I don't even have more than half a dozen connectors enabled. In the VM I have separate, personally managed access tokens available for various third-party services. Wouldn't really try to maintain more than 5-6, otherwise it gets too confusing. [ß]
The desktop application mostly Just Works[tm] with SSO. At least when M365 doesn't suffer from their 4-times-a-day auth outage.
ß: A lot of APIs and authentication systems were designed in the stone age. You either need a 1:1 permissioned access token that can do horrendous damage, or you deal with ultra-granular, confusing and ill-designed scoping jungle where nothing makes sense. Atlassian, I'm looking at you especially. At least an MCP server, provisioned with a reasonably done service account, doesn't have all of your powers to get things wrong with.
i wonder if they are running the proxy for external network connections in the VM.
1 reply →
I do use Claude Cowork and hence the VM is important, but I also leave the desktop app running all the time since I have many scheduled tasks at different times. The thing is that the VM could shutdown after being idle for some amount of time and then fire back up when you are ready to use it.
There's such a spectrum between "give it everything" and "give it nothing". Imagine you just want to use it to code and want to make sure any commands it runs doesn't mess up your actual machine.
It mounts specified directories into the vm from what I remember
Probably because they vibecoded it
Correct and they have no idea what they are doing.
I mean, that's kind of a stretch given how popular and well-regarded Claude Code is at this point. They're not perfect but they seem to be the best out there at this point.
2 replies →
Anthropic has pretty consistently been shitty about how they roll out their software. Extreme lack of engineering rigor and thoughtfulness.
The answer is probably as simple as "no one thought not to do that."
---
I know different people work on these things so I can't do more than guess about how engineering culture cuts across teams, but given the sheer amount of carelessness and sloppiness in Anthropic's software I have to imagine they're burning investor money in training and inference because the code to do it is as bad as the rest of their software.
It kind of does though. If you want to use the product they'll need the sandbox ready.